[219] in linux-security and linux-alert archive


IP firewalling and security

daemon@ATHENA.MIT.EDU (Leonard N. Zubkoff)
Mon Apr 24 17:49:04 1995

Date: Fri, 21 Apr 1995 08:27:49 -0700
From: "Leonard N. Zubkoff" <lnz@dandelion.com>
To: Thomas.Koenig@ciw.uni-karlsruhe.de
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: Thomas Koenig's message of Wed, 19 Apr 1995 20:35:19 +0200 (MET DST) <199504191835.UAA13887@mvmampc66.ciw.uni-karlsruhe.de>

  Date: Wed, 19 Apr 1995 20:35:19 +0200 (MET DST)
  From: Thomas.Koenig@ciw.uni-karlsruhe.de (Thomas Koenig)

  If your router is configured to drop any packets which appear to come
  from the inside, but come in from the outside, you've closed any
  NFS holes there may be to the outside world.

If you're connected by PPP to the outside world, you can also use the
"interface" option to ipfw to drop packets coming from the wrong interface:

# Block UDP packets incorrectly claiming to be from the local Ethernet.
/sbin/ipfw add blocking deny udp iface $interface from x.y.z.0/22 to 0/0
/sbin/ipfw add blocking deny tcp iface $interface from 0/0 to 0/0 6000

The last line prevents any packet destined for port 6000 on the local machine
from coming in over the $interface interface.

		Leonard
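
Added example, not part of the original message: a small Python model of the two blocking rules above, run over constructed packets to show which ones the interface check drops. The interface names ppp0 and eth0, the network 10.1.0.0/22 standing in for x.y.z.0/22, and matching the interface by name are all assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

EXTERNAL_IFACE = "ppp0"       # assumed value of $interface
LOCAL_NET = "10.1.0.0/22"     # constructed stand-in for x.y.z.0/22
ANY = "0.0.0.0/0"

@dataclass(frozen=True)
class Packet:
    proto: str
    iface: str                # interface the packet arrived on
    src: str
    dst: str
    dport: Optional[int] = None

@dataclass(frozen=True)
class DenyRule:
    proto: str
    iface: str
    src: str
    dst: str
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (p.proto == self.proto and p.iface == self.iface
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and (self.dport is None or p.dport == self.dport))

# The two rules from the message, in order.
BLOCKING_RULES = [
    DenyRule("udp", EXTERNAL_IFACE, LOCAL_NET, ANY),
    DenyRule("tcp", EXTERNAL_IFACE, ANY, ANY, 6000),
]

def verdict(p: Packet) -> str:
    """Return "deny" if any blocking rule matches, else "accept"."""
    return "deny" if any(r.matches(p) for r in BLOCKING_RULES) else "accept"

# Constructed sample traffic (not captured data).
SAMPLES = [
    Packet("udp", "ppp0", "10.1.2.7", "10.1.0.5", 2049),   # forged local source, from outside
    Packet("udp", "eth0", "10.1.2.7", "10.1.0.5", 2049),   # same source, from the local Ethernet
    Packet("udp", "ppp0", "192.0.2.9", "10.1.0.5", 53),    # genuine outside source
    Packet("tcp", "ppp0", "192.0.2.9", "10.1.0.5", 6000),  # port 6000 from outside
    Packet("tcp", "ppp0", "10.1.2.7", "10.1.0.5", 25),     # forged source over TCP
]

if __name__ == "__main__":
    for p in SAMPLES:
        print(verdict(p), p)
```

The last sample is accepted: as written, the first rule matches UDP only, so a TCP packet with a forged local source arriving on the external interface is not covered by either rule.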
